As the amount of data generated by always-connected consumers continues to increase, IT departments are scrambling to deploy technologies that are able to put said data to use. Understanding how to safely leverage this data using established business systems is a major challenge. Historically, this task fell to legacy identity and access management (IAM) technologies, which could easily manage hundreds or thousands of corporate employee identities and devices.
Customer identities and devices, however, number in the millions, and managing that much data exposes several shortcomings in traditional IAM technology:
Initially, IT professionals addressed these shortcomings by adapting IAM systems or building a custom solution themselves. Now, specialized customer identity and access management (cIAM) vendors are developing cloud-based platforms to manage the volumes of unstructured consumer data and generate actionable insights. Best-of-breed cIAM systems feature:
Cloud-based cIAM platforms offload the burden of safely managing structured and unstructured customer data. The technology excels at connecting multiple APIs in a multi-tenant environment, delivers extreme operational flexibility, and includes built-in software integrations for greater agility and flexibility. Customer and internal data assets remain discreet, minimizing the impact of breaches.
Security Takes Center Stage
Cloud and on-premises solutions face the same types of attacks and breaches. According to a 2014 Alert Logic Cloud Security Report, overall attacks remain much more likely to occur in on-premises environments than in the cloud. But breaches are on the rise in cloud-based environments, likely due to wider adoption of cloud-based over on-premises solutions, and the migration of “higher value” data into the cloud. In response, cloud providers strive to build strong security measures into their core architectures.
Cloud-based cIAM platforms rely on API-focused security rather than firewalls, which tend to control access for classes of users. These identity-based security policies have evolved with cloud technology. API-based protocols used by identity providers have a largely open-source background, allowing them to easily adapt. Best practices for working with self-provisioned identities indicate that each transaction should carry within it the attributes required to authenticate and authorize users.
Since leveraged customer data will typically be acted on at many endpoints, best-of-breed cIAM solutions have strong authentication, authorization and auditing policies in place, such as OAuth 2.0 and SAML. In addition, personally identifiable information is encrypted when stored and transmitted. Strong roles and permissions policies enforce tight control over user access, and robust audit logging tracks errors and bugs in the system. Finally, risk-based authentication minimizes friction for users by evaluating risk on each login instance and triggering a two-factor authentication only when necessary. As the “Internet of Things” grows in scale and complexity, this methodology will become increasingly important for practically all digital transactions.
Best-of-breed cIAM platforms also provide auto-compliance with data-privacy policies. A recent survey found that 96 percent of U.S. consumers are at least somewhat concerned about their data privacy. Working with user-provisioned data means businesses must stay in compliance with frequently changing social network privacy policies, as well as with government regulations that apply to any service that interacts with that data. Maintaining this level of compliance on an ongoing basis is risky and time-consuming. Cloud cIAM solutions automate this process.
Cloud Platforms Deliver the Best Solution for Managing Customer Identity Data
Many revenue-driving business systems rely on customer identity management functionality that is outside of the scope of legacy IAM technology. Best-of-breed cloud-based cIAM platforms offer a streamlined deployment that shortens time-to-market, scales to fit business needs, and enables faster and easier integration with applications that help businesses monetize their customer data. Finally, cIAM’s API-based security ensures more secure transactions, while building customer trust and protecting data privacy.
For more information about why IT departments should prioritize migrating their customer data to the cloud, download our free white paper, “cIAM in the Cloud: What’s in It for You?”